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(57) Abstract: 



PURPOSE: A method and a system for user authentication based on 
an EAP(Extensible Authentication Protocol) coexisting with terminal 
authentication in a portable internet system are provided to utilize 
conventional PKM(Privacy Key Management) and EAP methods without 
modification by performing the user authentication based on the EAP 
after terminal authentication based on the PKM. CONSTITUTION: A 
mobile subscriber station authentication process is finished by using a 
PKM protocol. An EAP request transmission message for user 
authentication is transmitted to a mobile subscriber station. The mobile 
subscriber station receives the EAP request transmission message for 
user authentication and transmits an EAP response message. The EAP 

request transmission message and the EAP response message are exchanged each other and a user authentication result 
message is transmitted. 
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*fl| °jEl<-j! A]^, ## 7 | °J^, Sf^*} «SSf, oj^ 

'{!<)|A| 

'.-V! - C l a "J 

£ 2fe & li^sl Mr^t* ^ ^] ofl <Hl ufS EAP # £S-f(Call Flow)# *4«M-\« 3^3 °l 4. 

100: «1* 7}<&A itlMAj no : 7|x|^ 
120 : ACK 130 : HA 
140:AAA140:IPM|£*13 

i O — I I 1 

VJ'goi -+-sH.? "'l-.v '•$! .'• M-°>2| J/ ''II 'l-.v 

4MI*Mfe. *cfl ^lel^l HS.Ji.§(Extensible Authentication Protocol : °1 

*r 'EAP'ef #) 7)>&s\ a\&t\ tl#-§- PKM(Privacy Key Management) 7)uKs| £<*7] ©|*o(| >g7||3. *r 
<*l tfTM c Jt44*^f y^-S: 7 r ^-*MI *Vi. AAA(Authentication Authorization Accounting) ^t»H| JjtsW 
•g- EAP-MD5(Message Digest)** •tf'S?- 4-§-$ <r 5U;>fl *rfe ^ H a|^^<H| 

3ft«M. *i*h f-*! «}-^^<H| u).^ JjLAj ^.Ajp^wjreiess Network)-!- ^-aJ ^-a] 

i7r *fl?SU 5tl=+. 7r^ -T--y A 1 u )^fe *ti 3lM Af^4#<Hl7ll ^Aj.03. AAj afl^fc 

s-^ ^ui^s-M °)tt a)^4 ^±<hi ^ofl^^i Ai«i^-g- ^ si^Hr 4^ ,<j i sm. a^. »n^i 

-g-^j -fSr AiH)i§ &«<|?ir *le<Hlb ^-Al tf^lfij Af-g-aW* °A} ^.AJ^A oj 

f"fc! 7|#s] ££3. <U*1I cff 3^(CDMA : Code Division Multiple Access) «1* ^>tl a|^^ 

<H|Aj A^uiArfe. §.>y A^uii^ojo) omef, *«l^(Circuit) HIoHM, aJl^(Packet) H|°|e1S 

mil ile<H|fe ^Mf-ilsl ^-tS. ITU-R<H1A1 a§«£ *H*rH al^f 3 ^lcfl §aJ Al^ejo] imt- 

2000(International Mobile Telecommunication 2000)H?!c|), CDMA2000 IX, 3X, EV-DO, WCDMA(WideBand 
CDMA) f-)<»l A>v.g.^s| ji 5^4. IMT-2000-& CDMA 2000 IX. 3X. EV-DO. WCDMA(WideBand CDMA) 7|^ 
2J IS-95A. IS-95B D <MM ?!Sj-^ IS-95C °^-& °|-g-»M IS-95A. IS-95B «3-<H|a1 ^1?} 7|^# tfo]z] 14 4 

Kbps»-r 56 Kbpsa.cf ^tf es^ Sjji 144 K bps2] ^1* ^-Aj olE^wJi-a- *|)^ ^ ^fe A 1u lio|c|.. IMX _ 

2000 AlH|i# ol-g-s^ 7 )$2\ AAj $ WAP A 1M )i -g-^o, ^aj-o. gg. 4fl ^EloiqtH A-|U|i(AOD. VOD §)§ iL 

^e1«4. 7|£2J f-i! AUSS^- 7|x|^ .7^ ui^.o| nD^o)) ^.aj °\i-]y3) ^ji. <>lf- f-Al ^7) 

s\ 3.7\?\ ^7| ufls-oi] o|-8-§ 4 s 5afe SsfliM ^«r<>l safe f- £Ji^ ¥-t! •JlE^J!^- tlli l *r7|o)i^ xjcf. e 
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-r-Sd ^(Wireless Local Area Network) 7)#£ 34 W $ ^r* ^(Coverage) &43- W^a] 
^7f|7V S14. t*eH. *cfl^*r 0)^0] j£#sV«] X|$« ii-if ^ ?!El>-i AjH|it- °|-§-*f =r Slfe 

iul^ #d| <?] ^(High-Speed Portable internet; °l*l 'HPi'^ A)ie,go| tfl^slSicK 

HPi 2.3 GHz ^a>^ tfl^-g- Aj-g-sH, -frl-aiA(Duplex) TDD(Time Division Duplex), <**l± 

(Access) »S-4| AS. OFDMA(Orthogonal Frequency Division Multiple Access)!- 4*^4. £Sh A l^r 60 km/\\S\ <>]%■ 
^•S- HZ ^f£fe 24.8 Mbps°lM- 3$ 5.2 MbpsS. ^*\*} "13)3 *HJ& 

IPUnternet Protocol) 7l»LVs] J?-*! n|o|El A|iig©|cK 

^•i! 3KWLAN : Wireless LAN) &S°J 802.1 HH^ <He1 7\x)$\ EAP H^°) *M5M £a] a>-§-£U Slfecfl. 
WEP(Wired Equivalent Privacy)^ &9l H 33 ^(Static Key)S) *l]# &*\M 7|«?11V SMcf. o|^s. £ 

(Dynamic) AflAj 7|hV2) WEP»I WLAN°fl SL^slSm. £3 -Ml*! 7)>*V WEPS] #*q. WEP ?l(Key)«-& 

EAP-TLS(Transport Layer Security). EAP-TTLS(Tunneled Transport Layer Security). PEAP(Protected 
Extensible Authentication Protocol) o|**M ^7|*}o.3. 4444. -f eW<>!H(Client)Sl- AAA?}- o}.^ ?| 
(Master Key)# H-y (Negotiation)?}- «H. ?|£ AAA£?E| AP(Access PoinOS. J£U|?14. °M u^a}. £ 

•I. EAPfe- oleift WEP21 3*1 ?1 &*H 95 £L°J fl«MM ?l e J*H «e| °| ^o|cf. 

^•il "JKWMAN : Wireless MAN)£ 134 4# 1M* J£°J4. *le afl^SU 5**7 HW* 7|£s] EAP 7|^ 
4 PKM 7|«a& HH°.S>H. -fAj EAP ^. ^«8«H ?)# * "I-— ?m PKM^I tf*W 

4. 4-g-T-r ^4 ##7l "J* 6 ! ^g^l*! ^fe iHojcf. 

PKM(Privacy Key Manager)^ # ^2)£)-H Slfe "K WEP2) ^s)x] #£1}. EAP-TLSSr 2 

<>1 fpeH'SH ^21 0 J*4 a]b1 <£lf-g- £¥ €5-5. S r fe ?)(Public Key) A)ie« .g. uflA| (deployment) ^ 
(Management) &*V\ 5tl4. ^214 Slfe <>l§- ^f^^ ^eflo| Ai (Mobile Subscriber Station. °I*V 'MSS" 

^) 9? 7|^l^(Base Station : "BS'ef ^)-8r °J^a^- tfl^ji si<H ^ £3 S-')|7 r IrASsV^) 2^ HI 

*)^TEK-ir ^7|2j >3-tfs|fe «V =9*! ?l ^1]-? §-=0)7 r «t^s|^ S^fecf. ae«A^ PK m^- WLAN°fl *] ^ 
^S5)fe a.<LV &=Hl7f *^S|«1 ^o.S.S. PKM ^^JaI EAP?W ^«9*H t^*!*}" »l5.fe- ^4. 

31$. EAP-MD5fe °^E1 ?l& ^^*rfe "MMf 10 ) ?!^^ »o v <4 °ll A 1 EAP-MD5# °l-g-t 4 s 214^ 

EAP-MD5tt 7]4i«l 0 J ^§£) EAP *l€-§- ^l]^*Vfe- EAP °J-^ fr^2j s}i+3. AAA<H| ^ SU^r 

at-^^J °l -fr^-l- <>]-§-^l Hh^Sl 5HM ^ ^ 

£tK "^•a^Al^HJ ^(Authorization Key)7 r EAP AAA ?|3. M-S-^^. BSfe 4^2} Efc|i>l§ ^Vel ^fl 

^ &Rr <Hef^l AjjTjcf^. g-7i]^o| ycf. WW ^o)«HB- 1£ %W %*) S. 1*1 cf. 



Ill 1] 
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8. 144 2.4* n\s\ £4. 77JI4 e^o|o)7|. Auth Reply "11444 44 3444. 4£4 444 44 EAP if PKM4 
£444 4444 444 i=H4 ^ 47Hxr AAA5.44 BSfe EAP 4444 31)44:*. TEK 44 444 

sti44ai 444 744 EH44 2:444 MSS3. 3444 44. 4^- BS44 4^4 4443 #4sH4 4* 44-§~§- 

4444 £44 £434 o^Cf. 

uvtjjft) civ-j./.l SK-: 44 ?! 4<l| 

3#4 4434 4344 44 4 4-34. 44 yei^ 4^344 eap 444 A >^4 <y^.g. PKM(Privacy Key 
Management) 444 £44 4* 4^4 ^fljS. 4*444 44 444 4*4 A>-g-4 o|^.§. 7^*>7fl *U. ^4 
AAA(Authentication Authorization Accounting) 444 444 44 EAP-MD5(Message Digest)4 44 44 
4 * SU^Hl 4* 4* 4$ 95 4i«y)4 4*4* 44 44-2.S. 44. 

«i c -1 l o i o 

4 444 =0) 1 444 444 44 'UEi'-J! A|^o||A) o)% 7 >oJ4 iE||6|Aj o]^4 -?£4* 444 4* 
(EAP : Extensible Authentication Protocol) 444 K\£x\ <>}# «g-«goi] 44 a|. ( a ) pkm «.3.-5L-f-§- 4*4 44 4* 

4<>J4 iEWa 4*4 45-4 *4. Af-fr^. O]^ EAP -8.^1 3* 4444 44 4£- 7^4 -^43 0£ £a] 

4* 44: (b) 44 EAP .B.^ 3* 4444 ^a}£ Aj.7) o|£ iE)|o]Aj o. s. j=le1 EAP *4 444# ^44* 4 

711; 91 (c) 44 EAP 3* 444 91 44 EAP *4 4444 4 Afetl 44 ^44 $-4, 444 4* 44 444S 
*44* VftlS £44* 34 43 o-S. 44. 44 4-8-4 4* 43* 44 4* 4°J4 iEfl4>a 4*4 445. 

4* 5!-§- 43-2-3. 4* 44 44"-* Aji^oflAi o|^. 7 ^jAf ^EIHA* 0] ? . 7 | UjfiJ A> 

-8-4 ^1*^. 

•g- «!-<g2| ^11 2 ^"^<H| fi]4^. #cfl ^jEl'-JI Al^E^jollAl 7r <a4 >:Eflo|Ai 01^4 ^4fe- tlf 1 HS.£# 

(EAP : Extensible Authentication Protocol) a}.^.^ o|f^ Al^Efloii siojA), EAP 2.% "1144?! EAP-REQ 

»IM*I€- ^^14^ noil -8- ^-4*1 EAP -§-^- "11 4 4?1 EAP-RSP "114 4 fi ?i*4-ir 7 r < B4 ^efl 4 ^; 91 PKM SS 
4-8-^ -8-4 6 1ts- 7>°J4 ^eim*! t]^o| ^oi) t a>^-4 eap »I144# ^4 o|^. 7 f 

0J4 iEflo| >g ^a|5}j, A^ 7 | 7^4 ^Ei|o|Aj^ s .« El eap -g-^- "11441- ^-t!44. #4 EAP A^' 4* "114 
4 91 #4 EAP -S-tf "11444 Q 4efl 4-* JM| ^4 o|^. 7]-oj^ ^£1)0)^0.^ a^4 o)^ ^.4 «fl44«- *4 
4*r 44^-& 3£'&4i=r ^4 4s|, ^4 Aj. 7 ] oi§- ?v«axv iefl4Ai 01^4 ^ 7 i|s. ^*Bs|fe 73 

^ A|i^§ ^11^114. 

44. -id- '^21 4lraltt 444ft £"31-8- 4244 4^1*1 4»3«4. -9-4 4£ , a^ ^-yiLi§*q 4a^-5: 
fi- ^-4^6ii ^^4. ^A±a-«^1 cj|«ii4 fe t}£ i4£jciej-£ 7)-^^ 4 *«J4 44 £^ 

4i si-g-oil *48114 44. 3E4. •& ^^4<H1 44. 444 *4 se^ 4*4 «1I4 ^^11*14 1^4 -g- «. lt a 
4 5.4^- *4 ^ 44^ 44£l tt =3-f «Hl^r a 444 -H«g£ ^444. 

E 14 4 4^4 4444 4444 4^ HPi 7H44 444 -?^£44. 

Z. 14 £44 44 44. HPi 4^<34 MSS(Mobile Subscriber Station)(100), AP(Access Point)4 7]4^(BS : 
BaseStation)(110). 44 7fls) 44^(110)# ^r44fe 44^ 4Sf- 4^-44 ACR(Access Control Router)(120). 
IIAOIome Agent)(130). AAA(Authentication. Authorization. AccountingKHO). IP M|S4a(l40) ^ 44^(160) ^g- 
4 3L44 * 44. 

444. 4 4^4 4444 44°I14 4& MSS(IOO)^ HPi 4^4 ^^44 AjI^ J?-^ <yei>-j! a^hi^ 4^.3^ 
4*f-4 4444- 444. 434 RF(Radio Frequency)/IF(Intermediate Frequency) 4 SSft4 7^-. 44^ 
44 91 44 4^4 4ir MAC(Media Access Control) 5.EI14 7^ ^4 7 |-^-. sfli=5.a 7 |^- o]^- 3) ^3iS|- 7|-^- f--g- 
^«J44. 

4 *«S4 4444 4444 4^ MSS(l00)4r BS(110)S.44 EAP 4* 4444 EAP-REQ "0441- ^44£ 
^4 4444 EAP -8-4 4444 EAP-RSP 4444 4*44 EAP4 4-8-4 4-8-4 4^4 7^4711 44. 
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£ 444 444* 4444 4€- 44^(110)£ HPi 4^*4 APS. A 1 ACR(120)S.J?-E1 ^a)# cJ|o|e1§ ^-t}o.S. 
MSSQOOW 4*44 44. 443 RF/IF £* 4 ^Sf-4 7|-^. OFDMA/TDD 44 >iHl#^i"l *H"i 4*4 4*. 4 
4 A 44 4 44 434 4-g- MAC « 4* 7}-h1 ^4 7l^, 50 Mbps^ S44 444 *i|<H 7 1^, 4^- ^. 

& 4fe4. 

£ 434 4*4* 4444 4£ 44^(110)£ o)^# ^Sll EAP .fi.4 4* "II a] x| (Request Transfer 

Message)!- MSSUOOW #$®2.3.»] 4-8-4 4*^. ^ 7 ||Sl EAP .fi.4 4£ 4444 5L$£ *o)|. EA p Aj 

^(Success) £fe 44(Failure) 4444 BSUIOS.^ MSS(100)3. SL444. a^xV °]fK>l *Jsll*><3 BS(llO) 
44 MSS(100)4 4?fl4 £€• 44 #44444 x||aJ ncfl & -8-4$4. EAP ?! 4S 4-8-* 

4-8-4 4*4 4* 41* 4-8-£ *£*7|£. 44. 

*4. 4- 444 4*4* 444^1 4£ MSS(IOO) 95 44^(110)£ o]|©|El 50 Mbps 44 4* 44^ 4 

a^- 44 44 a«3 7|^, ajaitv s.c3 7\% ** 4^4. 

4 «l- t 3s1 4*4* 4444 4# ACR(120)-& 4*r 44 444(110)4 ^-8-4fe 44^ 4*4^4 444 
(110)44 *££5. 14 7lnr, ACR(120)44 «E2S 4->, ofl^ 2^-4 7 |£- ^E] 3^ 7 |^ ^ 44b), IP M|e 
43(150)4 3 £€4. 

& 444 4*4* 4444 4^ HA(130)£ 444(160) #4 4* 45! 444 4u|>; 4u|£4-4 afl^-a- 4*4te 
4-fU(Routing)4- 4**44. AAA(140)ir 44*K110)4 4*44 MSS(100)44 4** 45! cil *>1 <HI 4* <r 

*4:a, mss(ioo)s-?-eisi 4?-*4. 

4 444 4*4* 4444 4^ IP iflS*Ja(150)fe 44^(110). ACR(120), HA(130) 4 AAA(140) 4444 
^oi. 444(160) #4 si-r- s(|5i 444 4h|^s^4 45! 444* 4444 44^(110)4 4**4. 

4 444 4*4* -a44fe tflM °]^<y pkm y*4 4-8-4 °J-^°J EAP?V >g7l|s ^^4fe 5!* ^^is *4. 
^ *44 4*4* -H4«i]o|| uj.^. EAP *4€- PKM 4 h*4 4^-4 i r 8 3€4. 44 4444 4444H 

(Secondary Management) CID7h 4-8-44. EAP 514^- PKM4 S<a# t]\o]t\ <&z.# hJ-aJ^. o|^-«)-a| ji^c}. ut\ 
4 44 EAP H44 EAP-TLS(Transport Layer Security) EAP-TTLS(Tunneled Transport Layer Security)4 
^4 *£4* 44 ^^44 i£4°H4 444 4E(Primary Management) CID7f 4*4b 4. PKM4fe 4^- 

?! 414^4 44. 

£ 2fe 4^4 444* ^444 4G EAP # #S.^-(Call Flow)# 444 £444. 

£ 24 £a|£ 4s} ^o), EAP A*j 444(Request Transfer Message)^ BS(llO) S^4 MSS(100)S. ^M|?!4. ^ 
44 PKM 4* °H44*r MSS(100)5.-f4 BS(1 10)S. A44S.S. EAP A3 4* 444fePKMA4 3* 444 
4 4444 ^fe-4. 

£ 24 £44, MAC 4444S 444* 2.2. 444 44 a 244. 



(i£2] 



Type 


Message 


Message Description 


Connection 


60 


M0B.H0JND 


HO indication message 


basic 


63 


EAP-RE0 


EAP Request Transfer messaw 


primary 


64 


EAP-RSP 


EAP Response Transfer message 


primary 


65-255 


reserved 
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5. 2H S.*]& EAP-REQ °i)A|*]fe EAP «HW*|3.<H. BS(110)7 r #£#4 EAP tflo|e^ ufa^ 

S^7| jivH^lcf. EAP-REQ "fl^l^lfil 2£ ";!•§■ <4Ef\5 SH H. 3«14. 



[ft3] 



Syntai 


fee 


Notes 


EAP-REO Message Formatflf 






Management Message Type = 63 


8 bits 




Transaction ID 


16 bits 




TLV Encoded Information 


Variable 


TLV specific 


i 







EAP-REQ "H^Hfe CID. MSS(100)s| £4*1 "13 «fl«-l*Has CID 5! S 91 ^(Transaction) ID f-sj 43°|iH& a 
e^jM^ | Dfe iOc1(Sender)ofl sl*fl t^lir SS^sl i-ft ^H^M*. o|e^ 4^1^ 
& TLV 3tr.°£.*1 a4«c}. <*}7H TLV SAID(Security Association ID). EAP Payload 91 HMAC Tuple 

s 2 *r Sicf. o}7W. HMAC Tuple <HSeHfH£ i>||a|*| ofo] a^Hl- atfsfBj, EAP ^^1^1^ o] 

£ 2«J £A]^J EAP-RSP "11*1 EAP-REQ "I|a|xH| cfl# -g-tfo. 3_a] EAp i£#£c}. 

MSS( 1 00) 7\ EAP-REQ EAP-RSP »«a]x|§ g£S}a] £0.13, BS(110)fe- EAP Payload 8M EAP-RSP 

«*a|*|£. EAP-RSP "II A ] *| 2| t+^Ml 5Jo| a 4 o|cf. 



[X4] 



Syntax 


Sis 


Notes 








Management Message Tvoe = 64 


8 bits 




Transaction ID 


16 bits 




TLV Encoded Infonnaiion 


Variable 


TLV specific 


1 







EAP-RSP "iH*l*r CID. MSS(100)2l 2«f«He| "H^WiS CID ^ Hl-§-S|fe EAP-REQ "Ha^Is^S) Hgjgg 
(Transaction) ID f-s) 44 a l3* £tf «ct. HlK *le^ s>.& sf-eWelfe TLV 3t°-3Ai a^cf. a|7M TLV 3$ 
& SAID(Security Association ID). EAP Payload 32 HMAC Tuple *! <r oj?)^ HMAC Tuple "HSel-fJ-S. 
Ajjc-1^ <yf^7| fltt o||a|^| 4o)*||&H4 £$«M. EAP "1|a|^12) <HSel, M r E e|^e vflot] ^ee] « e 7 f fief. 

■& *«8a) *JAHoll 4€- °J^- ^^-(Encapsulation) PKM(Privacy Key 

Management) $ EAP HSMf- ■£<>] 

■¥-a. #£# = 3.S£--& ul^JE! ^-tfl^ -¥-Aj 3^(B\VA : Broadband Wireless Access) H|£$)a§ tflo] 
#m ol d|°lEl #£$ #a) oj- o^ae)^ Cryptographic SuitesSj W $ 

MAC PDU sflo|S.H<>l| <g3LS]£& *)-§-*>7l fl-aj 

PKM «S.S#£ BS(110)S-?-cH MSS(100)S ?|(Key)$ tiMelfi) *H3* S-ufiS- o)e^V pkm 5 

£.£■§■§• mss(ioo)s+ BSdiom di»iem §-7|#3Lji, bs(iio)^ Mis^a Aiu]ioii cii^ °jj>Mi^-g- 

^8>ir «| o| H£Sf|- «|-§-tr4. PKM 2.2.£.g& <>)-§-*H MSS(100)§ °d&S\3. •U^J'lft Hft*f?)l 
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EE IK EAP 2.3.S.g& EAP# AM-*M 4**r EAP u <r*HI 7|«JH.V 4-8-^ °J<f £ BS(110)fe 

MSS(100)& °J*SroL. MSS(100)fe BS(1 10)& 

PKM SSM^g- MSS(IOO) H$H ?rS.€ *4| BS(110)fe EAP 3£ °D A l ^KRequest 

Transfer Messaged MSSdOOW tf'fr'&o.S.*) °J*& <r 'flsl EAP .fi.3 <1|a|x|7|- jz«g 

EAP -^(Success) JEfe ^(Failure) "M^W BS(110)£.?3 MSS(100)sL JiM)?!"}. Af-g-xV <>1^o| gg|«|. 
■S BS(110)fe m- MSS(100)«r £S 4# *3A|-7|7i4 >H|Aj *jJi& ^cl|S. 4*1^4. o|*KJ, EAP U <H 

£ .£.BlelHEl(Operator)s] ol-g-^^r. 

4M«H nfe.^. EAP 3- °l-8-lV A)-8-x r tl^^r PKM-g- °l-g-Srfe °l-£o| g-ejsH *r 

*$s*7ii €4. ^. EAP ?] 2$ 95 A^xf <jl-f o| PKM-g- °l-§-*Rr *<H] ^*js)fe ^|o|cf. 4;>H. 

*«asrfe «el. *1*7|<AK) ^tlMH. H^fe AAAU40H s1*fl #e}sU. tflM ?|(TEK) £eW& H-tl-S: 

BSdlOH 2|«1| #els|H.3., eH°) &o| BS(110)Sr AAAU40) aH°W f5|s|<H ^^€4^ 5U4. 

«rt«l^ -M-^HHl 4^ EAPS- o|*« o.sfe EAP-MD-5, EAP-TLS. EAP-PEAP, 

EAP-TTLS, LEAP 95 PEAP71- 51 4. 

EAP-MD-5(Message DigesOfe 7|£*|<>] EAP *H2-*Br EAP -fr^lCr. EAP-MD-5fe 4*x> # 

1KM 4» Sl°.H£. <a«V^o.S ^ LAN -"Wife tS#S|*I qv-^ o) o,^ o.<g o. aJ^^. "-Aj ^^olole^ 
MlHflsH rfl$ tf£ #7l|7f &O.H.5. °J^ D J *H*#4. 4|Aj 7 )>£ WEP >&o\*& ^ ojfe 

•fl-S- *l)S*r*1 &fe4fe ^ *i«-H4. 

EAP-TLS(Transport Layer Security)*? ^°\<£*. % HIEflaofl <il^ 7 )«V ^ o]^ *|fgc|.. o| 

<H1 Jil^-i- ^SfSl?) #4 sfl AV44 7]^. WEP ?] 9! WEP ?1# ^^^.a ^£4. EAP-TLS2] ^ 7|-x| <J 

^•S- #2Wi!JMr4 ahh% a^oiiA^ oj-^a^ ^e]8«^ ^0)4. 

EAP-TTLS(Tunneled Transport Layer Security)^ ifl"i(SE^ "El^")-|- §s|| -tejolotefi). M|e^£l<h| tfl 

t V 71HJ a 0 V£ oj - ri ^.^o] a^t-V j££ ^-53 7|»J- WEP <«<llfc ^ Slfe "J-'a^- ^l^^. EAP-TLS4 ^-el 

EAP-TTLS°flfe- tl^4^ aI*.^ €4. 

LEAP(Lightweight Extensible Authentication Protocol^ ^S. Cisco Aironet WLAN"H] *j EAP -fi-^ 

»s *,S^« WEP At+«H <H]°lEm ^±^slo| «i ^]#^- 

PEAP(Protected Extensible Authentication Protocol)^ Jll^Al 7\>& ojf' tfl o] e| ,3- 802.11 ¥ 

MlS^laa -?-*H °J?i*r?ll ?!*^ *f Slfe «o v 1i-§- »l*«-cf. PEAPfe PEAP #4°l^S.fi}. o] - a^ ^ e^%-g- a>^- 
*M °l ^*5?V4. PEAP^r -frA).# 7]^-|- ^*|«>*r TTLS(Tunneled Transport Layer Security) 4 ?M a1«]^ 

t!*^** 4**H Jfil" ^{d LANS) «> ?hfcS}-t.£.iM ¥3 LAN -teH<dm§. y^^cf. 

fl^H 1 Hh^S) "r^^l^ ^a|^o)1 ufEB), EAP1- a^x^ <?j^4 pkm* *|-g-^fe «f]-^7| ©l^o) g-elsH ^ 

«Ss)s.S. ^efl «>0«|a) o|^x| ^?Scl EAP-MD52. <>I-S-^ -t tt?H ^<H| AAA(140)°)1 cfl^ 5.u|*l|S.JE tftf 4 

^^-i- <>)|A|2j o.S 3H1 #4^1 ^ o. S ^. t^-lgo) 4=-i\& 7]$&oWA] f.A^2j x|a)^. 7 ^1^ 

4Br<d ^^S) ^AjoflA-j i«*|i4x| ^ ^^|oi|Al cf^tr 'HrS 5J°I4. ^ ^Ai]A^| 7^)^ 

7)-tV^£|fe^^omcf. ^^^S- oVeflsJ ^•gSH s) S foj 811^^^0^ -51.01, affl-^-f-trf)^ MHI SUfe 

o|a> Ajtg$ u) s)- 4 a)-tgofl e\t\^, ojElvji Al^^oDAi EAP 7l«Vs] a^x> P KM(Privacy Key 

Management) 7|hVs] ^^7] o)^o)| ^ 7 || 3. «H 7|^s] PKM »{H4 EAP Mo v ^* «^ 8H ol-S-'S t 1 Si 



- 7 - 



10-2005-0109685 



4£ S.sm 5U4. SEtK fell 4-8-*r4 £#3 EAP-MD5(Message Digest)*)- o|-8-«- <r SWI £ 

€■ EAP "jM-g- 4-§-t <r flM! 34 3-8- -H-ti^-l- 7)-x|7ll sU. o|e|« EAP-MD5tr AAA«H| ^i}7\ a}£ HM4H3. c| 
H^xASLS. 4*4 °J#& 4^$MI $4fer tf*M 5U4. 

(f>7) $-??| 
1. 

#31 A|i^oi|A^ o].§. 7^4 AflMtf °J*4 -?£4*r *!* SS£#(EAP : Extensible 

Authentication Protocol) 4*4 "^"fl 5U44. 

(a) PKM =3.£## «!*# W 4°J4 ^|°14J <H%°] 4£.£ *°t 4-8-4 4$ EAP A3 ?!£ "84*1 
S *7| 7 V«J4 ^iM-iJAS. *<t!4fc a*: 

(b) EAP SL% ?}* "1144© o|f. 7>°J4 iE|]o|>a 6. S .«. E1 EA p DflAl*|.8. ^A| S l£ #7)| : $ 

(c) #7| EAP .9.3) nflAlx| «• a o v 7 | EAF o.^ DflAlx^f g ^Vefl Sl^^l 4*4 ^4 U)|A|X|# £a) 

§ £?r4£ 3# ^$2.2. 44 Al-§-4 A>7| 7H| 4 ^E|| 0 |Aj o}£-4 ^ 7 fls. ^«8s]fe- 4* 4 

=3} £.3. 4fe- #c}] olEl^i A|iejo||Al 7foJ4 Aeflol-a ti*4 #£4fe 4#3 t!^ 7]^s) Af-§-4 # 



2. 

* 1 *<H 51*14, 

^7| EAP 7luvs) A144 <y-^^ EAP-MD5, EAP-TLS, EAP-'ITLS. LEAP PEAP ^ 44 "l^-g- £#4fe 3& 4 

•a. 



3?* 3. 

4 1 1W *W4, 

ir *H °Je1>a 4&fl«l4 °1* 7r°J4 -^fllolti °J*4 -?£4fe 444 SS£f 7)*js| A>-g-4 o]^ « 0 v^. 



4. 

A>7l Af^-4 <y^o| ^lH*V^. 7|X|^$. AJ-7) 7^4 A;Eflo|Ai2). ^.7))^ ^Aj -frx| 5J ^- ^.^1 O.S 



^^*J" 5. 

II 1 1M 5U^4. 
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#y] EAP ?i£ H W EAP -§•# CID, «)# ±i\}o)#$\ «eM°1el fima|<dE CID 



6. 

* 5 *<MI sa°H. 

-S-71 4efn|E^ TLV ^J^Sa^ a ^5|^tfl. #7] TLV Utr-g- SAIDCSecurity Association ID). EAP Payload 3! 
HMAC Tuples 3Lfl-*rfe 5J-§- °.S. &r*r *tfl •JlEl'-J! *te«<HM 7^4 ^tJ|o|^ o>^2l ^^fe o] 



7. 

#HI °A<zM a|^ej|oiia1 o)§. 7).<a4 iE|]o|^ 01^-4 2.S£§(EAP : Extensible 

Authentication Protocol) 7l«£al aHJ-4 Al^igofl o|o|a^ 

EAP £^ "8a|^o1 EAP-REQ "I|a|*|« T^SHd a<Hl 4-#«M EAP -§•£ ^]a|x|o] EAP-RSP "i|A|*l# 

pkm =aa«* o)^. 7 f<y4 ±*\\o\# -y^oi 4-8-^ 3$ eap a$ <h|a]a).§. 

^SM 7 r °J4 ^E||o|-ii #a1*U o|^. 7 pJ4 itllo|^ o.s.^El EAP -g-tf «Ha]*]# ^*H, W EAP A 

$ <H|a]x| $ #7) E/\p P)]A|xl7f # A>2fl O)^ £o|| Aj 7 ] o]^. 7f<yAl iEl|o|Ai 0.3. At.g.7.1 oj- ^4 

"HlAl^l. ^Alslfe- 7|A|^ 

-I" 5^*rfe ^H' £.3. *fSl. ^7| Al-g-T-E ^71 o|f- 7^*1 iEflo|Aj OI^JJ. ^71)3. ^«|slfe ^-g- ^'.2.3. 

Srfe #4 °jEl<4! Al^igoflAi 7^4 iElM-a »!^4 -££8rfe HS.£§ 7l«Vs] Al-g-Al A|A^, 



8. 

HI 7*<H1 fl©M. 

^•71 EAP 7|#S] aI^-a)- EAP-MD5. EAP-TLS. EAP-TTLS, LEAP $ PEAP % *m 5LthS r fe s. 



9. 

Hi 7 S1°H. 

4 V 7| A>^-Af -l^o| ^Bfl^-a, AJ. 7 | 7|A|-^^- a o V 7 | o)^- 7F<UAl iE||o|Aj4 ^7)]^ a& ^|A4-|. #^A)?]i= ^l^ ^ O. 



10. 
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*I]7«H|2]SV°!. 
•8. 



3)?^ 11. 

=«1| 7 *<W 5U<>W. 

-y-7) EAP -fl.*J ?!* "fH*l 91 EAP CID. 7 }oj^ iEflol^ol «c|.o|o)b) »Hu)*|»ie C1D 



3}^*J- 12. 

*« 11 si«>w. 

#7| ul-^o|Elfe TLV a^SlfeHI. ^7) TLV SAIDCSecurity Association ID). EAP Payload Si 

HMACTuple-g- S.®HSz 3<-& S>fe #tfi ^E^J aIa^a^ o)£- 7}^ iElHtj oj^jjj. 0] 

^ = 7l^s] A\&7.} Aji^. 



iiV! t 
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